DDNS compatible with Foreman DHCP management?

I just ran into an odd issue that I'm hoping has a simple solution. I
recently enabled DDNS management on my DHCP server that is managed by
Foreman.

ddns-updates on;
ddns-update-style interim;
update-static-leases on;
use-host-decl-names on;

Key from bind

include "/etc/rndc.key";
zone DOMAIN.TLD. {
    primary 192.168.202.254;
    key rndc-key;
}
zone 168.192.in-addr.arpa. {
    primary 192.168.202.254;
    key rndc-key;
}

This worked great when I would add "dhcp::host" Puppet resources, but I
just tried adding a host named "admin.DOMAIN.TLD" via Foreman and found the
DNS record created was "admin.DOMAIN.TLD.DOMAIN.TLD". This ended up
causing errors like this when provisioning completed. The host never
completed the build after 4 or 5 attempts so I tried to cancel the build
which failed and this is what the logs printed:

Started GET "/unattended/built?token=af784c4c-56c6-49ef-a09a-956084badfd6"
for 192.168.200.5 at 2015-04-07 12:54:51 -0500
Processing by UnattendedController#built as /
Parameters: {"token"=>"af784c4c-56c6-49ef-a09a-956084badfd6"}
Found admin.DOMAIN.TLD
unattended: admin.DOMAIN.TLD is Built!
DNS PTR Records 192.168.200.5/admin.DOMAIN.TLD.DOMAIN.TLD already exists
Completed 409 Conflict in 949ms (ActiveRecord: 13.3ms)

And

Started GET "/hosts/admin.DOMAIN.TLD/cancelBuild" for <OMIT> at 2015-04-07
12:54:39 -0500
Processing by HostsController#cancelBuild as HTML
Parameters: {"id"=>"admin.DOMAIN.TLD"}
DNS PTR Records 192.168.200.5/admin.DOMAIN.TLD.DOMAIN.TLD already exists
Failed to save: IP address has already been taken, Conflict DNS PTR Records
192.168.200.5/admin.DOMAIN.TLD.DOMAIN.TLD already exists
Redirected to https://foreman.DOMAIN.TLD/hosts/admin.DOMAIN.TLD
Completed 302 Found in 958ms (ActiveRecord: 16.8ms)

My guess is the reason DDNS works for a "dhcp::host" and not a DHCP entry
added by foreman-proxy has to do with the host-name option set.

Example of something created by dhcp::host

host pdu9b {
    hardware ethernet 00:C0:B7:CD:F9:D7;
    fixed-address 192.168.206.78;
    ddns-hostname "pdu9b";
    option vendor-encapsulated-options 01:04:31:41:50:43;
}

Example of entries in /var/lib/dhcpd/dhcpd.leases

host admin.DOMAIN.TLD {
    dynamic;
    hardware ethernet 00:01:a4:aa:3a:4c;
    fixed-address 192.168.200.5;
    supersede host-name = "admin.DOMAIN.TLD";
}

This is a somewhat dated instance of Foreman, 1.6.0, on CentOS 6.5.

I'm curious if this is a misconfiguration or if there are inherent issues
with managing both DNS and DHCP using Foreman and also allowing DHCP to do
DDNS. So far the DNS + DHCP management via Foreman and Foreman Proxy have
worked great, but some things can't be added to Foreman to create a DNS
record, like PDUs. So for those items I relied on "dhcp::host" and wanted
an "automatic" way to get those entries into DNS.

Thanks,

- Trey

Hi,

I think it's because you omit the dot at the end of your FQDN:
admin.DOMAIN.TLD. <- See the trailing dot.

DNS works this way at least.


The 'admin.DOMAIN.TLD' value in dhcpd.leases was set by the
foreman-proxy, so anything wrong with the values would be a bug with the
proxy, I think.


I mean just name the host admin.
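
An added example, not part of any post in this thread and not Foreman or ISC code: a small Python check that reads host declarations like the two quoted in the original post and flags any whose DDNS hostname already ends in the zone name, the case that produced admin.DOMAIN.TLD.DOMAIN.TLD. The function name ddns_names, the name precedence, and the rule that dhcpd registers <hostname>.<domain> are assumptions based on the log lines above.

```python
import re

# One "host NAME { ... }" declaration; host blocks contain no nested braces.
HOST_RE = re.compile(r'\bhost\s+(\S+)\s*\{(.*?)\}', re.S)
# ddns-hostname "x";   supersede host-name = "x";   option host-name "x";
NAME_RE = re.compile(r'(ddns-hostname|host-name)\s*=?\s*"([^"]+)"')

# Constructed sample: the two host blocks quoted in the original post.
SAMPLE = '''
host pdu9b {
    hardware ethernet 00:C0:B7:CD:F9:D7;
    fixed-address 192.168.206.78;
    ddns-hostname "pdu9b";
}
host admin.DOMAIN.TLD {
    dynamic;
    hardware ethernet 00:01:a4:aa:3a:4c;
    fixed-address 192.168.200.5;
    supersede host-name = "admin.DOMAIN.TLD";
}
'''

def ddns_names(text, domain):
    """Return (declaration, hostname, predicted_fqdn, doubled) per host block.

    Assumptions: dhcpd registers <hostname>.<domain>, as the logs in the
    thread show; ddns-hostname wins over host-name; the declaration name
    is the fallback because use-host-decl-names is on.
    """
    domain = domain.rstrip('.')
    suffix = '.' + domain.lower()
    results = []
    for decl, body in HOST_RE.findall(text):
        found = dict(NAME_RE.findall(body))
        hostname = found.get('ddns-hostname') or found.get('host-name') or decl
        bare = hostname.rstrip('.')
        # A hostname that already carries the zone gets the zone a second time.
        doubled = bare.lower() == domain.lower() or bare.lower().endswith(suffix)
        results.append((decl, hostname, f"{bare}.{domain}", doubled))
    return results

if __name__ == "__main__":
    for decl, hostname, fqdn, doubled in ddns_names(SAMPLE, "DOMAIN.TLD."):
        flag = "DOUBLED" if doubled else "ok"
        print(f"{decl}: hostname={hostname!r} -> {fqdn} [{flag}]")
```

Run it against dhcpd.conf and /var/lib/dhcpd/dhcpd.leases before enabling ddns-updates to list the entries that would collide with records Foreman already manages.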
